Delicious Bookmark this on Delicious Share on Facebook SlashdotSlashdot It! Digg! Digg



PHP : Language Reference : Basic syntax

Chapter 1. Basic syntax

Escaping from HTML

When PHP parses a file, it looks for opening and closing tags, which tell PHP to start and stop interpreting the code between them. Parsing in this manner allows php to be embedded in all sorts of different documents, as everything outside of a pair of opening and closing tags is ignored by the PHP parser. Most of the time you will see php embedded in HTML documents, as in this example.

<p>This is going to be ignored.</p>
<?php echo 'While this is going to be parsed.'; ?>
<p>This will also be ignored.</p>

You can also use more advanced structures:

Example 1.1. Advanced escaping

<?php
if ($expression) {
   
?>
   <strong>This is true.</strong>
   <?php
} else {
   
?>
   <strong>This is false.</strong>
   <?php
}
?>


This works as expected, because when PHP hits the ?> closing tags, it simply starts outputting whatever it finds (except for an immediately following newline - see instruction separation ) until it hits another opening tag. The example given here is contrived, of course, but for outputting large blocks of text, dropping out of PHP parsing mode is generally more efficient than sending all of the text through echo() or print().

There are four different pairs of opening and closing tags which can be used in php. Two of those, <?php ?> and <script language="php"> </script>, are always available. The other two are short tags and ASP style tags, and can be turned on and off from the php.ini configuration file. As such, while some people find short tags and ASP style tags convenient, they are less portable, and generally not recommended.

Note:

Also note that if you are embedding PHP within XML or XHTML you will need to use the <?php ?> tags to remain compliant with standards.

Example 1.2. PHP Opening and Closing Tags

1.  <?php echo 'if you want to serve XHTML or XML documents, do like this'; ?>

2.  <script language="php">
       
echo 'some editors (like FrontPage) don\'t
             like processing instructions'
;
   
</script>

3.  <? echo 'this is the simplest, an SGML processing instruction'; ?>
   <?= expression ?> This is a shortcut for "<? echo expression ?>"

4.  <% echo 'You may optionally use ASP-style tags'; %>
   <%= $variable; # This is a shortcut for "<% echo . . ." %>


While the tags seen in examples one and two are both always available, example one is the most commonly used, and recommended, of the two.

Short tags (example three) are only available when they are enabled via the short_open_tag php.ini configuration file directive, or if php was configured with the --enable-short-tags option.

Note:

If you are using PHP 3 you may also enable short tags via the short_tags() function. This is only available in PHP 3!

ASP style tags (example four) are only available when they are enabled via the asp_tags php.ini configuration file directive.

Note:

Support for ASP tags was added in 3.0.4.

Note:

Using short tags should be avoided when developing applications or libraries that are meant for redistribution, or deployment on PHP servers which are not under your control, because short tags may not be supported on the target server. For portable, redistributable code, be sure not to use short tags.

Code Examples / Notes » language.basic_syntax

mrtidy

[Ed Note:
This is because of short_tags, <?xml turns php parsing on, because of the <?.
--irc-html@php.net]
I am moving my site to XHTML and I ran into trouble with the <?xml ?> interfering with the <?php ?> method of escaping for HTML.  A quick check of the mailing list confirmed that the current preferred method to cleanly output the <?xml ?> line is to echo it:
<?php echo("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"); ?>


anon

Yet another way of adding the XML processing instruction is to use:
<?php echo '<?xml version="1.0" ?'.'>' ?>
Because the ? and > are separated, the parser will not terminate before it is supposed to.
As a side note, the W3C's parser seems to recognise this method (assuming it even checks for the PI).


michael newton http://mike.eire.ca/

The XML declaration does not need to be handled specially.
You should output it via an echo statement, in case your code is ever used on a server that is (poorly) configured to use short open tags.
But there's no need to treat the ?> at the end of the string specially.  That's because it's in a string.  The only thing PHP ever looks for in a string is \ or $ (the latter only in double-quoted strings.)
I have never had need for the following, as some have suggested below:
<?php
$xml=rawurldecode('%3C%3Fxml%20version%3D%221.0%22%3F%3E');
echo($xml);
?>
<?php echo '<?xml version="1.0" ?'.'>' ?>
<?php echo "<?xml version=\"1.0\"\x3F>" ?>


mwild

The text between <script> and </script> in XHTML is PCDATA, so <  and & characters in it should be interpreted as markup. This is a bit limiting for PHP, which is often used to output tags, though you can of course use &lt; and &amp; instead. To avoid that, which makes your code look peculiar and is easy to forget to do, you can mark the PHP as CDATA, eg :
<script language="PHP">
//<![CDATA[
echo('Today is <b>'.date('l F jS').'</b>');
//]]>
</script>
If you don't do this, and your code contains < or &, it should be rejected by an XHTML validator.


lachlan hunt

The person that suggested the use of this meta element above is wrong:
<meta http-equiv="Content-Type" content="application/xml+xhtml; charset=UTF-8" />
That meta element and the XML declaration serve completely different purposes, and that meta element should not be used.  Such information should be set using the HTTP Content-Type header (see the header() function).
Any XHTML page that just uses that meta element without proper HTTP Content-Type header, will be processed as text/html by browsers regardless, and when the HTTP headers do serve as application/xhtml+xml (or other XML MIME type), that charset parameter in the meta element will be ignored.


geekman

Regarding the comment by rosswilliams at advocacytechnologies dot org:
Your suspicion is correct. The following all behave exactly the same:
<?php
// output the answer by escaping
if ($true_or_false) {
   ?>
   

The value of $true_or_false is true.
   <?php
} else {
   ?>
   

The value of $true_or_false is false.
   <?php
}
// use echo to do the same thing - more effecient and easier to read in my opinion
if ($true_or_false) {
   echo '

The value of $true_or_false is true.';
} else {
   echo '

The value of $true_or_false is false.';
}
// use ? : operators on entire string
echo ($true_or_false) ? '

The value of $true_or_false is true.' : '

The value of $true_or_false is false.';
// use ? : operators only on the pertinent bit, to save space
echo '

The value of $true_or_false is ' . (($true_or_false) ? 'true' : 'false') . '.';
?>


php

PEAR states:
Always use <?php ?> to delimit PHP code, not the <? ?> shorthand. This is required for PEAR compliance and is also the most portable way to include PHP code on differing operating systems and setups.
It are these small things that enhance readability in group projects, or libraries.


01karlo

Or, use the following:
<?php
$xml=rawurldecode('%3C%3Fxml%20version%3D%221.0%22%3F%3E');
echo($xml);
?>
What is does it the value of the variable $xml is the RAW Url Encoded version of the XML thing.
Then it decodes it and echo it to the visitor.


alfridus

Only this work:
<?php
$xml = '<?xml version="1.0" encoding="UTF-8" standalone="no"?>';
echo $xml;
?>
with space after '<?php' and before ' ?>', no spacing between
'<?xml' and a semicolon after '"no"?>';'.


mart3862

Now the ultimate truth on how you should output xml processing instructions:
There have been several posts suggesting ways to include the text <?xml version="1.0" encoding="utf-8"?> in your output when short_tags is turned on, but only the following should be used:
<?php echo '<?xml version="1.0" ?'.'>' ?>
or
<?php echo "<?xml version=\"1.0\"\x3F>" ?>
Using one of these methods, and not making use of short tags, means your source code will also be a valid XML document, which allows you to do many things with it such as validation, XSLT translations, etc, as well as allowing your text editor to parse your code for syntax colouring.  Every PHP tag will simply be interpreted as an XML processing instruction (commonly referred to as PI).
The reason why all the other suggested methods are not advisable is because they contain the characters ?> inside the PHP tag, which the XML parser will interpret as the end of the processing instruction.
A processing instruction is defined in XML as:
PI ::= '<?' PITarget (S (Char* - (Char* '?>' Char*)))? '?>'
In other words, it explicitly forbids the characters ?> to occur together within a processing instruction, unless they are delimiting the end of the tag.  It also requires a PITarget (an identifier starting with a letter) immediately after the initial start delimiter, which means that all short tag formats are also invalid XML.
Following these guidelines will result in code that is portable to servers with any configuration and allow you perform many useful tasks on your XML or XHTML source documents.  Even if you do not intend to validate or translate your source documents, and you can ignore some incorrect syntax colouring in your text editor, it is still best to get into good habits early.


tarquinwj

Not spotted any messages like this one - delete it if there was one.
My hosting service allows <? and ?>, but I like to use valid XHTML, so I came up with this simple solution:
It is possible to use the short tags <? ?> with XHTML or XML documents. The only problem is that X(HT)ML requires a declaration using <? and ?>
<?xml version="1.0" encoding="UTF-8"?>
To avoid the problem, simply replace <? with <<? ?>?
and ?> with ?<? ?>>
<<? ?>?xml version="1.0" encoding="UTF-8"?<? ?>>
This inserts a blank piece of PHP in between the < and ?, and when parsed will output the regular tag
<?xml version="1.0" encoding="UTF-8"?>


p o r g e s

mike at skew dot org, I believe the differentiation is that "x"-"m"-"l" as a PI target is explicitly excluded from the definition of processing instructions.

mike

mart3862 mentions "XML processing instructions" and quotes their syntax from the spec, but is mistaken in using
<?xml version="1.0" ...?>
as an example. This little bit of markup that appears at the beginning of an XML file is in fact not a processing instruction at all; it is an "XML declaration" -- or, if it appears in an entity other than the main document, a "text declaration". All three constructs are formatted slightly differently, although they all do begin and end with the same.
The difference between a processing instruction, an XML declaration, or a text declaration is more than just a matter of subtle differences in syntax, though. A processing instruction embodies exactly two opaque, author-defined pieces of information (a 'target' and an 'instruction') that are considered to be part of the document's logical structure and that are thus made available to an application by the XML parser. An XML or text declaration, on the other hand, contains one to three specific pieces of information (version, encoding, standalone status), each with a well-defined meaning. This info provides cues to the parser to help it know how to read the file; it is not considered part of the document's logical structure and is not made available to the application.


php

just for conclusion:
<?php echo('<?xml version="1.0" ?'.'>'); ?>
is the right choice :)


pablo littleq.net

Just another more "feature" of IE...
Content-Disposition: attachment; filename=\"__FILE__\";
__FILE__ can't have spaces or :
Regards


tona

Jascam: Try to find more resourceful information to make your point. Your lack of ability to understand more complex concepts is not enough to diminish such a popular language as PHP. Note also that php is not replacing html but complementing it.

stooges_cubed

In the note above about escaping XML/PHP style <?xml tags, the following code was used:
<?php  // Html safe containers
  echo <<<EOD
<?xml version="1.0"?>
...all sorts of XML goes here...
Nothing will affect the output of this code until:
EOD;
?>
EOD is just an example stop/start name.
This works too:
<?php  // Html safe containers
 $myOutput = <<<MYHTMLSAFEOUTPUT
<?xml version="1.0"?>
<html>
 <title>PHP Example</title>
 <body>
 

...all sorts goes here...
 </body>
</html>
MYHTMLSAFEOUTPUT;
echo $myOutput;
?>
Only disadvantage of using this is that all the code highlighting programs I've seen never get it right, making your code look eronous in the majority of viewers.
Another alternative is to keep the XML / HTML in a separate include file and read in when needed. I don't know how efficient/inefficient this is for (idiots like yourselves) small amounts of text.
xmlheader.txt:
<?xml version="1.0"?>
mypage.php:
<?php
 include("xmlheader.txt");
?>


johnbeech

In the note above about escaping XML/PHP style <?xml tags, the following code was used:
<?php  // Html safe containers
  echo <<<EOD
<?xml version="1.0"?>
...all sorts of XML goes here...
Nothing will affect the output of this code until:
  EOD;
?>
EOD is just an example stop/start name.
This works too:
<?php  // Html safe containers
 $myOutput = <<<MYHTMLSAFEOUTPUT
<?xml version="1.0"?>
<html>
 <title>PHP Example</title>
 <body>
   

...all sorts goes here...
 </body>
</html>
MYHTMLSAFEOUTPUT;
echo $myOutput;
?>
Only disadvantage of using this is that all the code highlighting programs I've seen never get it right, making your code look eronous in the majority of viewers.
Another alternative is to keep the XML / HTML in a separate include file and read in when needed. I don't know how efficient/inefficient this is for small amounts of text.
xmlheader.txt:
<?xml version="1.0"?>
mypage.php:
<?php
 include("xmlheader.txt");
?>


brettz9

I've essentially tried to synthesize this
discussion at
http://en.wikibooks.org/wiki/Programming:
Complete_PHP/Escaping_from_HTML
One point not brought up yet...
The HEREDOC problem with some text editors
may be fixable in at least some text editors
by adding a comment with a quotation mark
as such afterwards (albeit necessarily on a
new line):
<?php
$version = "1.0";
print <<<HERE
<?xml version="
HERE;
//"
print $version."\"?>";
?>


christoph

Here's an inspiration on how to quickly fix all scripts relying on short_open_tag being enabled:
find -name '*.php' | xargs perl -pi -e 's/<\?= ?(.*?) ?\?>/<?php echo($1); ?>/g'
find -name '*.php' | xargs perl -pi -e 's/<\?/<?php/g'
find -name '*.php' | xargs perl -pi -e 's/<\?phpphp/<?php/g'


madman

As rosswilliams mentioned;  The example breaking in and out of the PHP tags doesn't "work as expected".  The manual and some comments mention that PHP "simply starts outputting whatever it finds..." any time a closing tag is encountered.  It would make sense to say instead - "...unless PHP is in the middle of a conditional statement; in which case it will only output the relevant block of HTML."
Some have said that using the 'echo' command is cleaner and more  efficient.  However, as the manual points out, the method of breaking out of PHP is more efficient when dealing with large sections of HTML.  Because there is less work for the parser.


crtrue

Although you can use the above methods to pass a document off as a valid for the W3C parser, a simpler-and-perfectly-legal method of doing so is to simple declare the document type in a meta tag. Something along these lines (mind the values in 'content' - I haven't personally used the Content-Type method in awhile):
<meta http-equiv="Content-Type" content="application/xml+xhtml; charset=UTF-8" />
Of course if you're using just XML, and don't use such functions, then the above methods will work just as fine.


dave

A little "feature" of PHP I've discovered is that the <?PHP token requires a space after it whereas after the <? and <% tokens a space is optional.
The error message you get if you miss the space is not too helpful so be warned!
(These examples only give a warning with error_reporting(E_ALL) )
<?PHP/*<Some HTML>*/?> fails...
<?/*<Some HTML>*/?> works...


truepath

"This works as expected, because when PHP hits the ?> closing tags, it simply starts outputting whatever it finds"
This is worded very confusingly so if you think you know what's going on just ignore this (I knew how this had to work from ruby but this comment made me think I was confused).  To be clear the documentation is NOT saying that whenever the PHP *parser* hits the closing tag it starts outputting whatever if finds.  What they mean is that ?> acts just like a php instruction that outputs whatever text it finds until it sees a <?php


rosswilliams

"This works as expected, because when PHP hits the ?> closing tags, it simply starts outputting whatever it finds until it hits another opening tag."
I would suggest it is not clear what "works as expected" means. You may know what to expect. But as a new user I don't.
The explanation would lead one to believe both phrases outside the php code would be outputted to the html document. I suspect that is not what happens, but I will need to go test it.


Change Language


Follow Navioo On Twitter
Basic syntax
Types
Variables
Constants
Expressions
Operators
Control Structures
Functions
Classes and Objects (PHP 4)
Classes and Objects (PHP 5)
Exceptions
References Explained
eXTReMe Tracker